diff --git a/NEWS b/NEWS
index b2b8aaacf15..12ccb411bb5 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,9 @@ PHP                                                                        NEWS
   . Fixed bug GH-20073 (Assertion failure in WeakMap offset operations on
     reference). (nielsdos)
 
+- Random:
+  . Fix Randomizer::__serialize() w.r.t. INDIRECTs. (nielsdos)
+
 23 Oct 2025, PHP 8.3.27
 
 - Core:
diff --git a/ext/random/randomizer.c b/ext/random/randomizer.c
index fe9ad5fc35a..6254fe27c9c 100644
--- a/ext/random/randomizer.c
+++ b/ext/random/randomizer.c
@@ -468,8 +468,7 @@ PHP_METHOD(Random_Randomizer, __serialize)
 	ZEND_PARSE_PARAMETERS_NONE();
 
 	array_init(return_value);
-	ZVAL_ARR(&t, zend_std_get_properties(&randomizer->std));
-	Z_TRY_ADDREF(t);
+	ZVAL_ARR(&t, zend_array_dup(zend_std_get_properties(&randomizer->std)));
 	zend_hash_next_index_insert(Z_ARRVAL_P(return_value), &t);
 }
 /* }}} */
diff --git a/ext/random/tests/03_randomizer/methods/__serialize_indirects.phpt b/ext/random/tests/03_randomizer/methods/__serialize_indirects.phpt
new file mode 100644
index 00000000000..1207e18dd82
--- /dev/null
+++ b/ext/random/tests/03_randomizer/methods/__serialize_indirects.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Random: Engine: __serialize() must not expose INDIRECTs
+--FILE--
+<?php
+
+$randomizer = new Random\Randomizer(null);
+var_dump($randomizer->__serialize());
+
+?>
+--EXPECT--
+array(1) {
+  [0]=>
+  array(1) {
+    ["engine"]=>
+    object(Random\Engine\Secure)#2 (0) {
+    }
+  }
+}